The third release candidate of pfSense (a small, FreeBSD-based firewall) is out and ready for testing: "1.2-RC3 has been released! Here are just a few of the new improvements and features that have made their way into this new version: IPSEC Carp rules cleanup; IPSEC stability workarounds for > 150 tunnels; do not allow sticky connection bit to be set if PPPoE is enabled; work around heavy network activity issues; bump lighttpd to 1.4.18; show wireless nodes regardless of whether we can determine BSS value; IPSEC tunnel endpoint highlighting in system logs; show the IPSEC interface as an option for the traffic graph; add RRD settings page; make it possible to disable RRD graphs; correctly set reflection timeout for all protocols; restart SNMP services after LAN IP changes..." See the release announcement for a complete list of changes. Download: pfSense-1.2-RC3-LiveCD-Installer.iso.gz (49.7MB, MD5).

pfSense is a m0n0wall-derived operating system. It uses Packet Filter, FreeBSD 6.x (or DragonFly BSD when ALTQ and CARP is finished), ALTQ for excellent packet queuing, and an integrated package management system for extending the environment with new features.

Chris Buechler has announced the release of pfSense 2.2, a major new update of the project's FreeBSD-based specialist operating system for firewalls and routers: "I'm happy to announce the release of pfSense software version 2.2. This release brings improvements in performance and hardware support from the FreeBSD 10.1 base, as well as enhancements we've added such as AES-GCM with AES-NI acceleration, among a number of other new features and bug fixes. In the process of reaching release, we've closed out 392 total tickets (this number includes 55 features or tasks), fixed 135 bugs affecting 2.1.5 and prior versions, fixed another 202 bugs introduced in 2.2 by advancing the base OS version from FreeBSD 8.3 to 10.1, changing IPsec keying daemons from racoon to strongSwan, upgrading the PHP backend to version 5.5 and switching it from FastCGI to PHP-FPM, and adding the Unbound DNS Resolver, and many smaller changes." Read the rest of the release announcement for a complete list of changes and new features. Download links: pfSense-LiveCD-2.2-RELEASE-amd64.iso.gz (84.2MB, SHA256), pfSense-LiveCD-2.2-RELEASE-i386.iso.gz (79.5MB, SHA256).

Jared Dillard has announced the release of pfSense 2.1.4, a free network firewall distribution based on FreeBSD: "2.1.4 follows very shortly after 2.1.3 and is primarily a security release. Packages also had their own independent fixes and need updating. During the firmware update process the packages will be re-installed properly. Otherwise, uninstall and then re-install packages to ensure that the latest version of the binaries is in use. Other fixes: patch for Captive Portal pipeno leaking issue which leads to the 'Maximum login reached' on Captive Portal; remove text not relevant to Allowed IPs on the Captive Portal; remove units from burst as it is always specified in bytes; add column for internal port on UPnP status page; make listening on interface rather than IP optional for UPnP...." See the release announcement and release notes for more details. Download: pfSense-LiveCD-2.1.4-RELEASE-amd64.iso.gz (92MB, SHA256).

Jim Thompson has announced the release of pfSense 2.1.1, a free network firewall distribution based on FreeBSD with a customised kernel and free third-party software packages for additional functionality: "I'm happy to announce the release of pfSense 2.1.1. The largest change is to close the following security issues / CVEs: FreeBSD-SA-14:01.bsnmpd / CVE-2014-1452; FreeBSD-SA-14:02.ntpd / CVE-2013-5211; FreeBSD-SA-14:03.openssl / CVE-2013-4353, CVE-2013-6449, CVE-2013-6450. Other than these, the em/igb/ixgb/ixgbe drivers have been upgraded to add support for i210 and i354 NICs. Some Intel 10Gb Ethernet NICs will also see improved performance." Follow the release announcement and the detailed release notes for further information. Download: pfSense-LiveCD-2.1.1-RELEASE-amd64.iso.gz (92MB, SHA256).

Chris Buechler has announced the release of pfSense 2.1, a free, open-source and customised distribution of FreeBSD tailored for use as a firewall and router: "I'm proud to announce the release of pfSense 2.1, and our new Gold subscription. The 2.1 book and our AutoConfigBackup service, available for years to support subscribers, are immediately available today to Gold subscribers. This release brings many new features, with the biggest change being IPv6 support in almost every portion of the system. There are also a number of bug fixes and touch-ups in general. Three FreeBSD security advisories are applicable to prior pfSense releases. These aren't remotely exploitable in and of themselves, but anyone who can execute arbitrary code on your firewall could use one or more of these to escalate privileges." See the detailed release announcement for a complete list of changes, new features, bug fixes and package updates. Download links: pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz (90.4MB, SHA256), pfSense-LiveCD-2.1-RELEASE-i386.iso.gz (77.6MB, SHA256).

Chris Buechler has announced the release of pfSense 2.0.3, an updated version of the FreeBSD-based operating system for firewalls: "I'm happy to announce the release of pfSense 2.0.3. This is a maintenance release with some bug and security fixes since 2.0.2 release. You can upgrade from any previous release to 2.0.3. Changelog: updated to OpenSSL 0.9.8y; fix XSS in IPsec log possible from users possessing shared key or valid certificate; fix obtaining DNS servers from PPP type WANs (PPP, PPPoE, PPTP, L2TP); fix captive portal redirect URL trimming; voucher sync fixes; captive portal pruning/locking fixes; fix problem with fastcgi crashing which caused CP issues on 2.0.2; clear the route for an OpenVPN endpoint IP when restarting the VPN, to avoid a situation where a learned route from OSPF or elsewhere could prevent an instance from restarting properly...." See the detailed release announcement for a complete list of security and bug fixes. Download: pfSense-2.0.3-RELEASE-amd64.iso.gz (88.0MB, SHA256), pfSense-2.0.3-RELEASE-i386.iso.gz (76.6MB, SHA256).

Chris Buechler has announced the release of pfSense 2.0.2, an updated version of the project's specialist FreeBSD-based operating system for firewalls: "pfSense 2.0.2 is a maintenance release with some bug and security fixes since the 2.0.1 release. You can upgrade from any previous release to 2.0.2. Base OS updated to 8.1-RELEASE-p13 to address FreeBSD security advisories. Added a warning to PPTP VPN configuration page - PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec. Fix reference to PPTP secondary RADIUS server shared secret. PPTP 1.x to 2.x configuration upgrade fixes." See the detailed release announcement for a complete list of security and bug fixes. Download: pfSense-2.0.2-RELEASE-i386.iso.gz (76.2MB, SHA256), pfSense-2.0.2-RELEASE-amd64.iso.gz (87.6MB, SHA256).

Chris Buechler has announced the release of pfSense 2.0.1, an updated version of the project's FreeBSD-based operating system for firewalls: "The pfSense 2.0.1 release is now available. This is a maintenance release with some bug and security fixes since the 2.0 release. This is the recommended release for all installations. As always, you can upgrade from any previous release to 2.0.1, so if you haven't upgraded to 2.0 yet, just upgrade straight to 2.0.1. For those who use the built-in certificate manager, pay close attention to the notes below on a potential security issue with those certificates. The following changes were made since 2.0 release: improved accuracy of automated state killing in various cases; various fixes and improvements to relayd...." Here is the brief release announcement. Download: pfSense-2.0.1-RELEASE-i386.iso.gz (97.9MB, SHA256), pfSense-2.0.1-RELEASE-amd64.iso.gz (110MB, SHA256).

Chris Buechler has announced the release of pfSense 2.0, a major new update of the specialist FreeBSD-based operating system designed for firewalls and gateways: "I am proud to announce the release of version 2.0. This brings the past three years of new feature additions, with significant enhancements to almost every portion of the system." Features and changes: "Based on FreeBSD 8.1-RELEASE; i386 and amd64 variants for all install types (full install, NanoBSD, embedded, etc.); USB memory stick installer images available; GRE and GIF tunnels; 3G support; multi-Link PPP (MLPPP) for bonding PPP connections; LAGG interfaces; IP Alias type Virtual IPs; IP Alias VIPs can be stacked on CARP VIPs to go beyond the 255 VHID limit in deployments that need very large numbers of CARP VIPs; QinQ VLANs; bridging enhancements - can now control all options of if_bridge, and assign bridge interfaces...." Read the release announcement and visit the features and changes page for more detailed information and upgrade instructions. Download: pfSense-2.0-RELEASE-i386.iso.gz (97.8MB, SHA256), pfSense-2.0-RELEASE-amd64.iso.gz (110MB, SHA256).

Chris Buechler has announced the availability of the third release candidate for pfSense 2.0, a FreeBSD-based operating system for firewalls: "I'm happy to announce what will likely be the final 2.0 release candidate, RC3, is now available. RC2 was a snapshots-only tag. The mirrors are currently syncing, with a few of them done already and the remaining will sync within the coming hours. There are considerably fewer open issues on 2.0 right now than there were on 1.2.3 when it was released, and no major outstanding problems. 2.0 has gotten widespread use in production environments over the last year plus including in our most critical networks, and looks to be ready for release. We expect final release within a month, and consider RC3 the preferred release for all new installs." Here is the full release announcement. Download: pfSense-2.0-RC3-i386.iso.gz (96.5MB, SHA256), pfSense-2.0-RC3-amd64.iso.gz (110MB, SHA256).